Promise zero knowledge and its applications to round optimal MPC

Saikrishna Badrinarayanan; Vipul Goyal; Abhishek Jain; Yael Tauman Kalai; Dakshita Khurana; Amit Sahai

doi:10.1007/978-3-319-96881-0_16

Promise zero knowledge and its applications to round optimal MPC

Saikrishna Badrinarayanan, Vipul Goyal, Abhishek Jain, Yael Tauman Kalai, Dakshita Khurana, Amit Sahai

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We devise a new partitioned simulation technique for MPC where the simulator uses different strategies for simulating the view of aborting adversaries and non-aborting adversaries. The protagonist of this technique is a new notion of promise zero knowledge (ZK) where the ZK property only holds against non-aborting verifiers. We show how to realize promise ZK in three rounds in the simultaneous-message model assuming polynomially hard DDH (or QR or N (formula presented) -Residuosity). We demonstrate the following applications of our new technique: We construct the first round-optimal (i.e., four round) MPC protocol for general functions based on polynomially hard DDH (or QR or N (formula presented) -Residuosity).We further show how to overcome the four-round barrier for MPC by constructing a three-round protocol for “list coin-tossing” – a slight relaxation of coin-tossing that suffices for most conceivable applications – based on polynomially hard DDH (or QR or N (formula presented) -Residuosity). This result generalizes to randomized input-less functionalities. Previously, four round MPC protocols required sub-exponential-time hardness assumptions and no multi-party three-round protocols were known for any relaxed security notions with polynomial-time simulation against malicious adversaries. In order to base security on polynomial-time standard assumptions, we also rely upon a leveled rewinding security technique that can be viewed as a polynomial-time alternative to leveled complexity leveraging for achieving “non-malleability” across different primitives.

Original language	English (US)
Title of host publication	Advances in Cryptology – CRYPTO 2018 - 38th Annual International Cryptology Conference, 2018, Proceedings
Editors	Alexandra Boldyreva, Hovav Shacham
Publisher	Springer-Verlag
Pages	459-487
Number of pages	29
ISBN (Print)	9783319968803
DOIs	https://doi.org/10.1007/978-3-319-96881-0_16
State	Published - Jan 1 2018
Externally published	Yes
Event	38th Annual International Cryptology Conference, CRYPTO 2018 - Santa Barbara, United States Duration: Aug 19 2018 → Aug 23 2018

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10992 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	38th Annual International Cryptology Conference, CRYPTO 2018
Country	United States
City	Santa Barbara
Period	8/19/18 → 8/23/18

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-319-96881-0_16

Fingerprint Dive into the research topics of 'Promise zero knowledge and its applications to round optimal MPC'. Together they form a unique fingerprint.

Cite this

Badrinarayanan, S., Goyal, V., Jain, A., Kalai, Y. T., Khurana, D., & Sahai, A. (2018). Promise zero knowledge and its applications to round optimal MPC. In A. Boldyreva, & H. Shacham (Eds.), Advances in Cryptology – CRYPTO 2018 - 38th Annual International Cryptology Conference, 2018, Proceedings (pp. 459-487). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10992 LNCS). Springer-Verlag. https://doi.org/10.1007/978-3-319-96881-0_16

Promise zero knowledge and its applications to round optimal MPC. / Badrinarayanan, Saikrishna; Goyal, Vipul; Jain, Abhishek; Kalai, Yael Tauman; Khurana, Dakshita; Sahai, Amit.

Advances in Cryptology – CRYPTO 2018 - 38th Annual International Cryptology Conference, 2018, Proceedings. ed. / Alexandra Boldyreva; Hovav Shacham. Springer-Verlag, 2018. p. 459-487 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10992 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Badrinarayanan, S, Goyal, V, Jain, A, Kalai, YT, Khurana, D & Sahai, A 2018, Promise zero knowledge and its applications to round optimal MPC. in A Boldyreva & H Shacham (eds), Advances in Cryptology – CRYPTO 2018 - 38th Annual International Cryptology Conference, 2018, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10992 LNCS, Springer-Verlag, pp. 459-487, 38th Annual International Cryptology Conference, CRYPTO 2018, Santa Barbara, United States, 8/19/18. https://doi.org/10.1007/978-3-319-96881-0_16

Badrinarayanan S, Goyal V, Jain A, Kalai YT, Khurana D, Sahai A. Promise zero knowledge and its applications to round optimal MPC. In Boldyreva A, Shacham H, editors, Advances in Cryptology – CRYPTO 2018 - 38th Annual International Cryptology Conference, 2018, Proceedings. Springer-Verlag. 2018. p. 459-487. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-96881-0_16

Badrinarayanan, Saikrishna ; Goyal, Vipul ; Jain, Abhishek ; Kalai, Yael Tauman ; Khurana, Dakshita ; Sahai, Amit. / Promise zero knowledge and its applications to round optimal MPC. Advances in Cryptology – CRYPTO 2018 - 38th Annual International Cryptology Conference, 2018, Proceedings. editor / Alexandra Boldyreva ; Hovav Shacham. Springer-Verlag, 2018. pp. 459-487 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{259b0230a076484cbb406193659b6112,

title = "Promise zero knowledge and its applications to round optimal MPC",

abstract = "We devise a new partitioned simulation technique for MPC where the simulator uses different strategies for simulating the view of aborting adversaries and non-aborting adversaries. The protagonist of this technique is a new notion of promise zero knowledge (ZK) where the ZK property only holds against non-aborting verifiers. We show how to realize promise ZK in three rounds in the simultaneous-message model assuming polynomially hard DDH (or QR or N (formula presented) -Residuosity). We demonstrate the following applications of our new technique: We construct the first round-optimal (i.e., four round) MPC protocol for general functions based on polynomially hard DDH (or QR or N (formula presented) -Residuosity).We further show how to overcome the four-round barrier for MPC by constructing a three-round protocol for “list coin-tossing” – a slight relaxation of coin-tossing that suffices for most conceivable applications – based on polynomially hard DDH (or QR or N (formula presented) -Residuosity). This result generalizes to randomized input-less functionalities. Previously, four round MPC protocols required sub-exponential-time hardness assumptions and no multi-party three-round protocols were known for any relaxed security notions with polynomial-time simulation against malicious adversaries. In order to base security on polynomial-time standard assumptions, we also rely upon a leveled rewinding security technique that can be viewed as a polynomial-time alternative to leveled complexity leveraging for achieving “non-malleability” across different primitives.",

author = "Saikrishna Badrinarayanan and Vipul Goyal and Abhishek Jain and Kalai, {Yael Tauman} and Dakshita Khurana and Amit Sahai",

note = "Funding Information: S. Badrinarayanan, D. Khurana and A. Sahai—Research supported in part from a DARPA/ARL SAFEWARE award, NSF Frontier Award 1413955, NSF grants 1619348, 1228984, 1136174, and 1065276, BSF grant 2012378, a Xerox Faculty Research Award, a Google Faculty Research Award, an equipment grant from Intel, and an Okawa Foundation Research Grant. This material is based upon work supported by the Defense Advanced Research Projects Agency through the ARL under Contract W911NF-15-C-0205. The views expressed are those of the authors and do not reflect the official policy or position of the Department of Defense, the National Science Foundation, or the U.S. Government. Fifth author{\textquoteright}s research also supported by the UCLA Dissertation Year Fellowship. V. Goyal—Work supported in part by a grant from Northrop Grumman. A. Jain—Supported in part by a DARPA/ARL Safeware Grant W911NF-15-C-0213, and a subaward from NSF CNS-1414023.; 38th Annual International Cryptology Conference, CRYPTO 2018 ; Conference date: 19-08-2018 Through 23-08-2018",

year = "2018",

month = jan,

day = "1",

doi = "10.1007/978-3-319-96881-0_16",

language = "English (US)",

isbn = "9783319968803",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer-Verlag",

pages = "459--487",

editor = "Alexandra Boldyreva and Hovav Shacham",

booktitle = "Advances in Cryptology – CRYPTO 2018 - 38th Annual International Cryptology Conference, 2018, Proceedings",

}

TY - GEN

T1 - Promise zero knowledge and its applications to round optimal MPC

AU - Badrinarayanan, Saikrishna

AU - Goyal, Vipul

AU - Jain, Abhishek

AU - Kalai, Yael Tauman

AU - Khurana, Dakshita

AU - Sahai, Amit

N1 - Funding Information: S. Badrinarayanan, D. Khurana and A. Sahai—Research supported in part from a DARPA/ARL SAFEWARE award, NSF Frontier Award 1413955, NSF grants 1619348, 1228984, 1136174, and 1065276, BSF grant 2012378, a Xerox Faculty Research Award, a Google Faculty Research Award, an equipment grant from Intel, and an Okawa Foundation Research Grant. This material is based upon work supported by the Defense Advanced Research Projects Agency through the ARL under Contract W911NF-15-C-0205. The views expressed are those of the authors and do not reflect the official policy or position of the Department of Defense, the National Science Foundation, or the U.S. Government. Fifth author’s research also supported by the UCLA Dissertation Year Fellowship. V. Goyal—Work supported in part by a grant from Northrop Grumman. A. Jain—Supported in part by a DARPA/ARL Safeware Grant W911NF-15-C-0213, and a subaward from NSF CNS-1414023.

PY - 2018/1/1

Y1 - 2018/1/1

N2 - We devise a new partitioned simulation technique for MPC where the simulator uses different strategies for simulating the view of aborting adversaries and non-aborting adversaries. The protagonist of this technique is a new notion of promise zero knowledge (ZK) where the ZK property only holds against non-aborting verifiers. We show how to realize promise ZK in three rounds in the simultaneous-message model assuming polynomially hard DDH (or QR or N (formula presented) -Residuosity). We demonstrate the following applications of our new technique: We construct the first round-optimal (i.e., four round) MPC protocol for general functions based on polynomially hard DDH (or QR or N (formula presented) -Residuosity).We further show how to overcome the four-round barrier for MPC by constructing a three-round protocol for “list coin-tossing” – a slight relaxation of coin-tossing that suffices for most conceivable applications – based on polynomially hard DDH (or QR or N (formula presented) -Residuosity). This result generalizes to randomized input-less functionalities. Previously, four round MPC protocols required sub-exponential-time hardness assumptions and no multi-party three-round protocols were known for any relaxed security notions with polynomial-time simulation against malicious adversaries. In order to base security on polynomial-time standard assumptions, we also rely upon a leveled rewinding security technique that can be viewed as a polynomial-time alternative to leveled complexity leveraging for achieving “non-malleability” across different primitives.

AB - We devise a new partitioned simulation technique for MPC where the simulator uses different strategies for simulating the view of aborting adversaries and non-aborting adversaries. The protagonist of this technique is a new notion of promise zero knowledge (ZK) where the ZK property only holds against non-aborting verifiers. We show how to realize promise ZK in three rounds in the simultaneous-message model assuming polynomially hard DDH (or QR or N (formula presented) -Residuosity). We demonstrate the following applications of our new technique: We construct the first round-optimal (i.e., four round) MPC protocol for general functions based on polynomially hard DDH (or QR or N (formula presented) -Residuosity).We further show how to overcome the four-round barrier for MPC by constructing a three-round protocol for “list coin-tossing” – a slight relaxation of coin-tossing that suffices for most conceivable applications – based on polynomially hard DDH (or QR or N (formula presented) -Residuosity). This result generalizes to randomized input-less functionalities. Previously, four round MPC protocols required sub-exponential-time hardness assumptions and no multi-party three-round protocols were known for any relaxed security notions with polynomial-time simulation against malicious adversaries. In order to base security on polynomial-time standard assumptions, we also rely upon a leveled rewinding security technique that can be viewed as a polynomial-time alternative to leveled complexity leveraging for achieving “non-malleability” across different primitives.

UR - http://www.scopus.com/inward/record.url?scp=85052378174&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85052378174&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-96881-0_16

DO - 10.1007/978-3-319-96881-0_16

M3 - Conference contribution

AN - SCOPUS:85052378174

SN - 9783319968803

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 459

EP - 487

BT - Advances in Cryptology – CRYPTO 2018 - 38th Annual International Cryptology Conference, 2018, Proceedings

A2 - Boldyreva, Alexandra

A2 - Shacham, Hovav

PB - Springer-Verlag

T2 - 38th Annual International Cryptology Conference, CRYPTO 2018

Y2 - 19 August 2018 through 23 August 2018

ER -